Thus spake David G. Andersen <dandersecs.utah.edu>:
> In PR 45353, I've submitted a patch to reserve a handfull of
> file table entries for root-only use, to mitigate the effects
> of user processes that leak file descriptors:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=45353
>
> Even with per-process file descriptor limits, it's pretty
> easy for a buggy program that does any kind of forking to
> run the system out of file table entries (or for a malicious
> user to do so). The patch above is trivial, and at least
> enables root to login and fix things up a bit. I've been
> running it locally for about a week, and it's happy.
>
> Is the form of the solution acceptable? (And if so, anyone
> interested in committing it to -current for a while? ;-)

Cool! I have two minor comments:

- Use suser(9) for the purpose of checking superuserness.

- Instead of making the default reservation maxfiles/20, a
  constant might be more appropriate. The administrator
  does not need proportionately more file table entries to
  log in and kill misbehaving processes on larger systems.

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]